CVE-2023-3597: 
Java vulnerability analysis and mitigation

A vulnerability was discovered in Keycloak's authentication system (CVE-2023-3597) where the client step-up authentication validation in org.keycloak.authentication is not implemented correctly. The vulnerability affects Keycloak installations and related products such as Red Hat build of Keycloak and Red Hat Single Sign-On (Red Hat CVE).

The vulnerability exists in the client step-up authentication mechanism within org.keycloak.authentication component. The flaw has been assessed with a CVSS v3.1 base score of 5.0 (Moderate severity) by Red Hat. The technical assessment indicates that exploitation requires specific conditions, including the attacker having valid credentials within the system and the application being configured to use the step-up flow (Red Hat CVE).

When exploited, this vulnerability allows a remote user who is already authenticated with a password to register a false second authentication factor alongside an existing one. This false factor can then be used to bypass authentication mechanisms, specifically the step-up authentication process. The impact is limited to user-level access and does not affect the system as a whole (Red Hat CVE).

The vulnerability has been addressed in Red Hat build of Keycloak 22.0.10 and related products. Users are advised to upgrade to the latest version that includes the security fix. The fix has been distributed through various security advisories including RHSA-2024:1868 for Red Hat build of Keycloak (Red Hat Advisory).